Error building docker with Unreal Engine. Error shown "Error: 'EPIC_TOKEN' parameter is mandatory". #9570
Description
Setup
- CARLA version: 0.9.16 (branches ue4-dev)
- Platform: Ubuntu 22.04 LTS (kernel 6.8.0-101-generic)
- Python version: 3.10
- GPU: NVIDIA GeForce RTX 5070 Ti
- GPU Drivers: 590.48.01
Describe the bug
The monolith Docker build fails because the EPIC_USER and EPIC_TOKEN variables passed via CLI arguments (--epic-user, --epic-token) are not exported as environment variables before being referenced by Docker's --secret id=...,env=... syntax in build.sh.
Docker's --secret id=epic_token,env=EPIC_TOKEN reads from the process environment, but the CLI argument parsing in build.sh only assigns local shell variables (EPIC_TOKEN="$2"). Since these are never exported, Docker mounts empty secret files, causing build_ue4.sh to fail with Error: 'EPIC_TOKEN' parameter is mandatory.
The .env file code path works correctly because it uses export, but the CLI argument path does not.
Steps to reproduce
-
Clone the CARLA repository and checkout ue4-dev (or ue5-dev).
-
Run the monolith Docker build with CLI credentials:
./Util/Docker/build.sh --monolith --branch ue4-dev --epic-user=<USER> --epic-token=<TOKEN>
- The build fails at the RUN --mount=type=secret step with:
Error: EPIC_TOKEN parameter is mandatory
Expected behavior
The Docker build should correctly pass the EPIC_USER and EPIC_TOKEN values as secrets to the build container, regardless of whether they are provided via CLI arguments or a .env file.
Logs
[monolith 1/7] RUN --mount=type=secret,id=epic_user,uid=1000 \
--mount=type=secret,id=epic_token,uid=1000 \
bash /build_scripts/build_ue4.sh \
--ue4-root /workspaces/unreal-egine \
--epic-user $(cat /run/secrets/epic_user) \
--epic-token $(cat /run/secrets/epic_token):
0.352 Error: 'EPIC_TOKEN' parameter is mandatory
------
Development.Dockerfile:86
--------------------
85 | ENV UE4_ROOT="/workspaces/unreal-egine"
86 | >>> RUN --mount=type=secret,id=epic_user,uid=${UID} \
87 | >>> --mount=type=secret,id=epic_token,uid=${UID} \
88 | >>> bash /build_scripts/build_ue4.sh \
89 | >>> --ue4-root ${UE4_ROOT} \
90 | >>> --epic-user $(cat /run/secrets/epic_user) \
91 | >>> --epic-token $(cat /run/secrets/epic_token)
92 |
--------------------
ERROR: failed to build: failed to solve: process "/bin/sh -c bash /build_scripts/build_ue4.sh \
--ue4-root ${UE4_ROOT} \
--epic-user $(cat /run/secrets/epic_user) \
--epic-token $(cat /run/secrets/epic_token)" did not complete successfully: exit code: 1
Scripts
The fix is to add export for both variables in Util/Docker/build.sh before the docker build command in the monolith section (after the empty-check, before the docker build call):
export EPIC_USER
export EPIC_TOKEN
Screenshots
N/A
Additional context
The root cause is in Util/Docker/build.sh lines 152–170. The CLI argument parsing (lines 91–96) assigns EPIC_USER and EPIC_TOKEN as local shell variables. The .env loading path (lines 147–150) correctly uses export, so credentials from a .env file work. However, when credentials are provided via --epic-user and --epic-token flags, Docker's --secret id=epic_user,env=EPIC_USER cannot read them because they are not in the environment.